AI Security Review
scanned 11d ago · by lpm-firewall-aiNo confirmed malicious attack surface is established. The package is a Clerk React UI bundle with user-invoked authentication, organization, billing, API-key, and dev prompt flows.
Static reason
One or more suspicious static signals were detected.
Trigger
Application imports or renders @clerk/ui components, or explicitly imports @clerk/ui/register.
Impact
Expected Clerk UI behavior; no persistence, credential harvesting, lifecycle mutation, or unauthorized exfiltration found.
Mechanism
React UI bundle and Clerk SDK method calls
Rationale
Static inspection shows a published Clerk UI component package with no lifecycle hooks and no source evidence of malware primitives beyond browser UI actions aligned with authentication/product features. Scanner hits for network, protestware-like text, and secrets are explained by docs/dashboard links and UI flows for backup codes, TOTP, and API keys.
Evidence
package.jsonregister/index.mjsregister/index.cjsdist/index.jsdist/entry.jsdist/server.jsdist/components/UserProfile/MfaBackupCodeList.jsdist/components/SessionTasks/tasks/TaskChooseOrganization/CreateOrganizationScreen.jsdist/no-rhc/components/devPrompts/KeylessPrompt/index.js
Network endpoints5
dashboard.clerk.com/~/organizations-settingsclerk.com/docs/guides/organizations/overviewdashboard.clerk.com/last-activego.clerk.com/componentssolana.com/solana-wallets
Decision evidence
public snapshotAI called this Clean at 94.0% confidence as Benign with low false-positive risk.
Evidence for block
Evidence against
- package.json exports only dist/register entries and has no install/preinstall/postinstall lifecycle hooks.
- register/index.mjs and register/index.cjs only import React packages and set globalThis.__clerkSharedModules.
- dist/index.js, dist/entry.js, and dist/server.js export ClerkUI/ui objects; no install-time behavior.
- Search found no fs, child_process, native binary, wasm, shell script, or AI-agent control-surface writes.
- Network/browser APIs are UI-aligned: dashboard/docs links, organization logo fetch, Clerk environment/resource methods, and user-triggered window.open.
- Secret-pattern hits are UI text for backup codes/TOTP/API-key display/copy flows, not hardcoded credentials or exfiltration.
Behavioral surface
ChildProcessCryptoNetworkShellWebSocket
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
Source & flagged code
3 flagged · loading sourcedist/ui-common_ui_2bed30_1.24.1.jsView file
14patternName = generic_password
severity = medium
line = 14
matchedText = `}),(0,o...i7)`
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/ui-common_ui_2bed30_1.24.1.jsView on unpkg · L14dist/ui-common_ui_821323_1.24.1.jsView file
1patternName = generic_password
severity = medium
line = 1
matchedText = "use str...}]);
Medium
Secret Pattern
Hardcoded password in dist/ui-common_ui_821323_1.24.1.js
dist/ui-common_ui_821323_1.24.1.jsView on unpkg · L1dist/ui-common_ui_be75c0_1.24.1.jsView file
14patternName = generic_password
severity = medium
line = 14
matchedText = `}),(0,n...i7)`
Medium
Secret Pattern
Hardcoded password in dist/ui-common_ui_be75c0_1.24.1.js
dist/ui-common_ui_be75c0_1.24.1.jsView on unpkg · L14Findings
6 Medium4 Low
MediumSecret Patterndist/ui-common_ui_2bed30_1.24.1.js
MediumNetwork
MediumProtestware
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/ui-common_ui_821323_1.24.1.js
MediumSecret Patterndist/ui-common_ui_be75c0_1.24.1.js
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings